Real Name | Sivanesh Ashok |
---|---|
Email address | private |
Website | stazot.com |
First Active | 2020-04-17 |
Last Active | 2020-08-03 |
October CMS builds 465 and below suffer from arbitrary file read, arbitrary file deletion, file uploading to arbitrary locations, persistent and reflective cross site scripting, and CSV injection vulnerabilities.
a79e40ac7fff8141301027b2d8a73d91
Bolt CMS versions 3.7.0 and below suffer from cross site request forgery, cross site scripting, and remote shell upload vulnerabilities that when combined can achieve remote code execution in one click.
e1905dcd1353235ff99a9faf7ed545ef
This Metasploit module exploits multiple vulnerabilities in Bolt CMS version 3.7.0 and 3.6.x in order to execute arbitrary commands as the user running Bolt. Valid credentials for a Bolt CMS user are required. This module has been successfully tested against Bolt CMS 3.7.0 running on CentOS 7.
0e1891b316c1ddb10007d34437171dba
Prestashop versions 1.7.6.4 and below suffer from code execution, cross site request forgery, and cross site scripting vulnerabilities.
e88f3fb2cabe4dd5fc52ac8955ab17bb